Crypto Company Hit For $400m

The world’s third largest crypto-currency firm Coinbase Global has said that a recent cyber attack will probably cost it around $400m (£301m). 

The firm was contacted by hackers who said they had gained access to customer information, obtained by making payments to Coinbase contractors and employees.

Breached data included names and contact information, partial social security and bank account identifiers, government identification images, and some corporate and account data. The disclosure prompted the firm's share price to fall by 4.1%.

The alleged cyber attacker, who demanded money to not disclose the information, appeared to bribe overseas Coinbase employees to obtain the files, the company said. “Criminals targeted our customer support agents overseas. They used cash offers to convince a small group of insiders to copy data in our customer support tools for less than 1% of Coinbase monthly transacting users.

“Their aim was to gather a customer list they could contact while pretending to be Coinbase, tricking people into handing over their crypto,” Coinbase said on their blog. The group then demanded $20m from Coinbase to keep it quiet, but it refused to pay the bribe and instead promised to refund every person who got scammed.

The cyber attack comes days before the US company is set to join the benchmark S&P 500 index, a landmark moment for the crypto industry. It also reflects how, as it grows, the industry has increasingly become a target for cyber criminals.

Following the attack, the exchange says that it will strengthen its internal data management processes and relocate some of its customer support operations to avoid similar incidents.

A report from research firm Chainalysis suggests funds stolen from crypto businesses totalled $2.2bn in 2024.

 Coinbase   |    BBC   |    Reuters     |   Coin Telegraph   |    MSN   |   9to5Mac   |   Chainalysis

You Might Also Read:

Biggest Data Breaches Of The Last 15 Years [extract]:


If you like this website and use the comprehensive 8,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Recent Ransomware Attacks Have Focused On Identity Gaps
Kill Switches Secretly Installed In Solar Panels »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

SonicWall

SonicWall

SonicWall provide products for network security, access security, email security & encryption.

Perspective Risk

Perspective Risk

Perspective Risk provides penetration testing, security assessments, risk management & compliance solutions, InfoSec training and consultancy services.

enSilo

enSilo

enSilo secures customers data on premise or in the cloud. Regardless of the where the threat comes from, enSilo can protect your data.

PeCERT

PeCERT

PeCERT is the national Computer Emergency Response Team for Peru.

Paygilant

Paygilant

Paygilant’s disruptive technology is designed to protect mobile payment  financial transactions against fraudulent attacks, whether executed by NFC, QR code, P2P or in-app.

PKWARE

PKWARE

PKWARE is a global leader in business data security, providing encryption and compression solutions to enterprise customers and government entities around the world.

AuthLite

AuthLite

With AuthLite, you can keep using all your existing software, with added two-factor authentication security placed exactly where you need it.

Secura B.V.

Secura B.V.

Secura is an independent specialized cybersecurity expert, providing insights to protect valuable assets and data.

North West Cyber Resilience Centre (NWCRC)

North West Cyber Resilience Centre (NWCRC)

The North West Cyber Resilience Centre is a trusted, not-for-profit venture between Greater Manchester Police and Manchester Digital.

North East Business Resilience Centre (NEBRC)

North East Business Resilience Centre (NEBRC)

The North East Business Resilience Centre is a non-profit organisation here to support businesses in the North East of England in protecting themselves from cyber crimes and fraud.

RegScale

RegScale

RegScale helps organizations comply in real-time with multiple compliance requirements (NIST, CMMC, ISO, SOX, etc), scalable to meet the needs of the entire enterprise.

Tech Vedika

Tech Vedika

Tech Vedika has access to technical guidance, training and resources from AWS to successfully undertake solution architecture, application development, application migration, and managed services.

Xobee Networks

Xobee Networks

Xobee Networks is a Managed Service Provider of innovative, cost-effective, and cutting-edge technology solutions in California.

Davinsi Labs

Davinsi Labs

Davinsi Labs helps companies achieve Digital Service Excellence with specialized Security Intelligence and Service Intelligence solutions.

NextGen Cyber Talent

NextGen Cyber Talent

NextGen Cyber Talent is a non-profit providing a platform to increase diversity and inclusion in the cybersecurity industry.

Defend

Defend

DEFEND are 100% focused on providing managed cybersecurity solutions and services that make a real difference to the cyber resilience of your organisation.